Merge pull request #14 from Authress/improve-token-verify-throw

Throw Exception when token is invalid but not expired.

Author: wparad

authress/api/token_verifier.py

@@ -55,7 +55,7 @@ def verify_token(self, authressCustomDomain, token, options=None):
 
     try:
       return jwt.decode(authenticationToken, jwt.api_jwk.PyJWK.from_dict(jwk).key, algorithms=['EdDSA'], options = { 'verify_aud': False })
-    except jwt.ExpiredSignatureError:
+    except:
       raise Exception("Unauthorized", "Token is invalid")
 
   def get_public_key(self, jwkKeyListUrl, kid):